Many of us really anticipate the discussions during our LifeBoat group meetings. Please note our new LifeBoat group home meeting location. Everyone may bring in your own snacks, lunch, and drinks to the “brunch lunch” 11am-1pm meeting. Some people also informally get together for “after the meeting” lunch together at different restaurants. The topic description and presenter…

ATO in a Day How quickly can the first five Risk Management Framework (RMF) steps be accomplished to obtain an Authorization to Operate (ATO)? Jason Hess took the opportunity to reevaluate his agency’s RMF implementation.  His “ATO in a Day” initiative equips organizations to deliver Authorizing Official (AO) approved software to the agency’s mission at…

CSF – Our Must Know Language Please note that we will be meeting at another location for our 4 March meeting.  One of our members found an incredibly wonderful new home for all our future meetings starting very soon. to Everyone can easily get information for our RMF LifeBoat Group meetings and many other rewarding chapter activities…

 Data Into Tracked Actions!    Please note that we will be meeting at another different location for our 4 February meeting. We are still searching for a new home location for our meetup. Everyone can easily get information for our Special Interest Group meetings and many other rewarding activities by starting on our parent organization’s…

Applying Lessons Learned to Security Awareness Training. Please note that we will be meeting at a different location beginning with our 7 January meeting. We are currently searching for a new location for our meetup. Details to follow… But do RSVP for this meetup to allow us to appropriately size our new location. IT Security is not always…

Phishing for Christmas! For many years, cybersecurity authorities have observed that phishing is the most prevalent initial enterprise attack vector. Employees just keep clicking. Technology has failed to compensate. Security awareness and training efforts aspiring to stop the clicks have either failed miserably, achieved too little, and/or only changed behavior temporarily. The goal of this…

handout-deconstruct-past-attacks-to-better-plan-for-new-ones-at-rmf-lifeboat-group-19snovember2016

Deconstruct Past Attacks to Better Plan for New Ones   Data breaches ultimately exploit weaknesses in identity access management (IAM) infrastructure.  We can better plan and prepare by improving our conceptual understanding of how and where attacks exploit the flaws and imperfect harmony amongst the people, processes, and technology that comprise our IAM risk mitigation…

Privileged Accounts Management and Auditing of those Accounts: How can an Edward Snowden event be prevented?   Our next RMF LifeBoat meeting is scheduled for 15 October. One reason for this extended break between our meetings to allow time for people to volunteer and prepare to participate as panel members in our extended discussion on a special…

At this meet up we will discuss the implementation of NIST Special Publication (SP) 800-171 into the new contractual regulations with the addition of Federal Acquisition Regulation (FAR) clause 52.204-21. We will review what guidelines have been incorporated, what has been omitted, and what impact the implementation of these regulations will have on contractors. Getting started…

The Risk Management Framework Step 6, Monitor Security Controls, can be summarized as maintaining situational awareness of the authorized information system.  At this meetup, we will discuss unique sensors to keep abreast of the evolving Cyber-landscape, from real-time continuous monitoring (threat detection and remediation), social engineering, RF/wireless, access control and much more. We are very fortunate to…

Our topic will be “Collaborative Network Defense”.  At our last Risk Management Framework (RMF) LifeBoat group meetup, we discussed the NIST Cybersecurity Framework’s five functions: Identify, Protect, Detect, Respond, and Recover.  At this FREE 11am-1pm meetup on Saturday, July 16th, we will see how these functions are implemented in a presentation with these three take…

Women in Security Special Interest Group & Women in Engineering (WIE)   Monthly Webinar Series  Everybody Wins: Positive Workplaces Presented by Julie Starr, VMWare Monday, July 11, 2016, 4:00 – 5:00 PM Eastern Everybody Wins: Fostering Positive Work Environments   No matter how talented you are, there is strength and power in a TEAM — we…

Get Ready for FY16 FISMA !!! As security professionals, we utilize the NIST Risk Management Framework (RMF) to provide a disciplined and structured process that integrates information security and risk management activities into the system development life cycle. The RMF operates primarily at the information system level and its steps include categorize, select, implement, assess,…

A Field Guide to Using The Risk Management Framework Saturday, June 11 @ 11 AM – 1 PM Step 2 We will roll our sleeves up and get dirty in our field guide discussion. We will do a deep dive into applying selected controls with real world examples. We will look at: Recap Step 1…

Virtual Mentoring: Welcome to the Women’s Corner Ask Us Anything That is on Your Minds!Domini Clark, Principal, Blackmere Consulting Nicole Gray, CISO, Venable Law Firm Hanna Sicker, Sr. Manager, Security and Network Operations Center, StubHub  Monday, June 13, 2016, 12 Noon – 1:00 PM Eastern CONNECT. INSPIRE. GROW. Going it alone? No formalized mentoring program…

Information Systems Security Association – Northern Virginia Chapter (ISSA-NOVA) Cybersecurity Challenges in the Commercial World Presented by Mr. Tony Cole, Vice President and Global Government CTO Thursday, June 16, 2016 5:30 PM – Networking and Dinner 6:30 – 8:00 PM – ISSA Nova Announcements & Program Tony Cole, FireEye Vice President and Global Government CTO,…

June 13th Women’s CONNECT event hosted by SANS, ISSA IntlYou are invited to attend a special industry, non-profit, and women’s CONNECT event hosted by SANS at SANSFIRE 2016. Our co-sponsors include American Society for Quality Section 509, George Mason, IEEE Computer Society Northern Virginia & Washington DC, IEEE Northern Virginia, IEEE Women In Engineering, InfoSec…

Important Research Effort for ISSA Greetings, ISSA (Information Systems Security Association) and ESG (Enterprise Strategy Group) have joined forces to level-set and benchmark the progress of the cyber security profession in relation to the world’s ever-escalating demand on the cyber security ecosystem. This first-of-its-kind research and analysis has been designed to benefit cyber security professionals…

Event:               Mason – NSF Cybersecurity Leadership and Innovation Conference Location:           Founders Hall (Room 125/126), 3351 Fairfax Drive, Arlington, VA 22201 Date:                 19 MAY 2016, Thursday Time:                 Registration 7:30am    /     Conference 8:00am – 12:30pm Transportation:   Metro – Virginia Square (Orange Line) Paid parking available…